1. Your account information stored on our servers.
Historically, customer data is stored in a database table similar to this structure:
First Name | Last Name | Email Address | Phone Number | Password
Developers often store only a one-way hash of the password, so that if somebody gets hold of the table the password is not immediately readable. The other columns, however, remain in clear text, and what we know is that attackers always find a way to get the data, however carefully developers craft "boxes" around it.
We designed a system that stores your data in a different way, which we believe is essential to your security and privacy. This approach is GDPR compliant.
- A unique encryption key is generated for each account.
- That key is encrypted with a key derived from your credentials.
- Each field of your information is encrypted with your account key.
- Each field is identified by a one-way hash derived from your credentials.
- No clear-text identifier (name, email address) is stored alongside the data.
This means that an attacker who gains access to the database obtains only a set of unlabelled records, each encrypted under a key unique to one account. No single key decrypts the whole database, and without an account's credentials there is no way to tell which records belong to it. This greatly reduces the risk of storing your information and makes it hard to target a specific account. It also gives you a high degree of control over your information, because the only path to your data runs one way, from your credentials. The strength of that path rests on your password: an attacker who holds a copy of the database can still try password guesses offline against the encrypted key, so a long, unique password remains essential.
Here is an example of our database table:
Data is stored on dedicated machines reserved for sensitive data, which reduces its exposure to vulnerabilities in unrelated software. Access to the database is restricted by a firewall, and every query is authenticated with a signed nonce using asymmetric cryptography: the client signs a one-time value issued by the database, and the database verifies the signature against the client's public key.
Column "A" identifies the data field, such as "First Name". There are no duplicate hash strings in column "A"; each is unique. Another customer's "First Name" record is identified by a different hash string.
The information you store in your account is only accessible to you. We cannot access the information. Your credentials are not stored in our systems.
This presents the problem of the lost or forgotten password. We can re-encrypt your key under a new password as long as you still know the old one, but if you forget your password completely, the account is permanently locked. This can be addressed with security questions and answers, biometric data, or a security device such as a YubiKey, each of which can protect an additional encrypted copy of your key.
We recommend long, unique passwords; never reuse a password. Consider using the password manager Bitwarden. Also keep in mind that your email account is a treasure trove of information, and we suggest using ProtonMail for correspondence related to your finances.
2. Information you give to us.
When you purchase a product or service from us, you will have to disclose some information, such as payment or shipping details. To process a credit card payment, we must send your billing information to a third-party payment processor. For a physical shipment, we must send your information to a third-party shipping company. If you choose to receive email updates about our products and services, you will need to provide your email address. If you contact us for support, you may be asked to disclose information about your use of our software, your hardware, or other details needed to assist you. We store any information you provide only for the duration of the activity. For example, once your payment is processed, your payment details (the credit card number itself) are destroyed. We keep only the basic information needed for accounting, refunds and chargebacks: your name, the last four digits of your card, and the amount and date of the order. Any data we retain is kept off public servers and is encrypted with OpenPGP (IETF RFC 4880).
3. Deleting your information.
You have the right to request that your information be removed from our systems. You can delete your account information on our web site by authenticating with your credentials and selecting the "delete information" option in your account admin area. If you want information removed from our operations, such as your shipping address and billing details, please contact us; we will verify your request and comply with it.
4. Identity Verification Requirement.
Some activities on our web site may require identity verification, including copies of your government-issued identification documents and utility bills. Where we are required by law to collect this information, we will take every measure to secure it, including encrypting it with OpenPGP (IETF RFC 4880). We retain this information only for as long as required.
We report all activity we believe to be fraudulent, illegal or an attempt at breaching our systems. We shall contact an ISP or appropriate authority regarding any unlawful attempt.
If you discover a vulnerability or security issue regarding our products or services, please Contact Us.